Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249051	4.3	警告	atmail pty ltd	-	Atmail の search.pl におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0953	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249052	7.5	危険	fullaspsite	-	Fullaspsite ASP ホスティングサイトの listmain.asp における SQL インジェクションの脆弱性	-	CVE-2007-0951	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249053	6.8	警告	fullaspsite	-	Fullaspsite ASP ホスティングサイトの listmain.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0950	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249054	7.5	危険	アルバネットワークス株式会社 Alcatel-Lucent	-	Aruba Mobility Controllers における管理用インターフェースまたは WLAN へアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-0932	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249055	7.5	危険	アルバネットワークス株式会社 Alcatel-Lucent	-	Aruba Mobility Controllers の管理インターフェースにおけるヒープベースのバッファオーバーフローの脆弱性	-	CVE-2007-0931	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249056	7.5	危険	apache stats	-	Apache Stats における任意の変数を変更される脆弱性	-	CVE-2007-0930	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249057	4.3	警告	communityserver.org	-	Community Server の search/SearchResults.aspx におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0925	2012-06-26 15:46	2007-02-14	Show	GitHub Exploit DB Packet Storm

249058	4.3	警告	cPanel	-	cPanel WHM の scripts/passwdmysql におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0890	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

249059	7.8	危険	Gecad Technologies	-	axigen におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0887	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

249060	10	危険	Gecad Technologies	-	axigen におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0886	2012-06-26 15:46	2007-02-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196341	6.1	MEDIUM Network	pluginus	woocommerce_products_filter	The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements before outputing back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25085	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196342	6.5	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts v…	-	CVE-2021-25072	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196343	6.1	MEDIUM Network	cf7skins	contact_form_7_skins	The Skins for Contact Form 7 WordPress plugin before 2.5.1 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25063	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196344	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanup_fetch_active_plugins_icons AJAX action (available to ad…	CWE-79 Cross-site Scripting	CVE-2021-24983	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196345	6.1	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthent…	-	CVE-2021-24975	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196346	4.8	MEDIUM Network	cusmin	absolutely_glamorous_custom_admin	The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_ht…	-	CVE-2021-24944	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196347	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to …	-	CVE-2021-24937	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196348	6.1	MEDIUM Network	yellowpencil	visual_css_style_editor	The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Script…	-	CVE-2021-24934	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196349	6.1	MEDIUM Network	domaincheckplugin	domain_check	The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue	CWE-79 Cross-site Scripting	CVE-2021-24926	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196350	8.8	HIGH Network	wickedplugins	wicked_folders	The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id parameter before using it in a SQL statement in the wicked_folders_save_sort_order AJAX action, available …	CWE-89 SQL Injection	CVE-2021-24919	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm